<?php
/**
 * send_message.php
 *
 * INPUT: 	$_POST['from']
 * 			$_POST['to']
 * 			$_POST['message']
 * OUTPUT: 	an XML file with chat messages.
 * 
 * By Laurens Van Keer
 */
 
// CONNECT TO DB
require('../config.php');
$conn = mysql_connect($dbhost, $dbuser, $dbpass) or die ('<Error>Error connecting to mysql!</Error>');
mysql_select_db($dbname);
// DONE CONNECTING

if ( empty($_POST['from']) || empty($_POST['to']) || empty($_POST['message']) ) {
	die('<Error>Missing argument!</Error>' . PHP_EOL . '</Users>');
} else {

	// get arguments
	$time = time();
	$from = mysql_real_escape_string(htmlentities($_POST['from']));
	$to = mysql_real_escape_string(htmlentities($_POST['to']));
	$message = mysql_real_escape_string(htmlentities($_POST['message']));
	
	// send query
	$query = "INSERT INTO geo_chat (time, fromUser, toUser, message) VALUES ('$time', '$from', '$to', '$message')";
	$result = mysql_query($query);
	
}
?>